anilkr

We were supposed to exit out of the beta with RTM released on MS.COM download center, but we faced some design challenges for external release. You can read more about our efforts on external release at http://blogs.msdn.com/b/securitytools/archive/2010/06/30/cat-net-v2-0-update.aspx.

Unfortunately both Anti-XSS library and CAT.NET work on mangaed code. It can't be used with classic ASP applications.

1. TWC stands for Trust Worthy Computing and TMT stands for Threat Modeling Tool, you can find the latest TMT which is called as SDL Threat Modeling Tool at http://www.microsoft.com/downloads/details.aspx?FamilyID=A48CCCB1-814B-47B6-9D17-1E273F65AE19&displaylang=en.

2. TAM tool is used internally for threat modeling Line of Business applications, it uses asset (data) centric approach which is a very critical part of the IT Applications. I have explained some in the video, security awareness, writing more secure code etc were some noticable gains. You can subscribe to our conenction on http://connect.microsoft.com/site/sitehome.aspx?SiteID=734 to get beta release information.

3. There are multiple levels of support that we offer, from professional services to simple email support and discussions. http://blogs.msdn.com/threatmodeling, http://blogs.msdn.com/securitytools and http://www.msinfosec.com are the best places to start. msacetm@microsoft is our public email alias where you can ask questions about this tool.